summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/rpc_server/srv_samr.c23
-rw-r--r--source3/rpc_server/srv_samr_nt.c61
2 files changed, 32 insertions, 52 deletions
diff --git a/source3/rpc_server/srv_samr.c b/source3/rpc_server/srv_samr.c
index d5666e741d..e3ac2e42d5 100644
--- a/source3/rpc_server/srv_samr.c
+++ b/source3/rpc_server/srv_samr.c
@@ -349,28 +349,7 @@ static bool api_samr_query_userinfo(pipes_struct *p)
static bool api_samr_query_usergroups(pipes_struct *p)
{
- SAMR_Q_QUERY_USERGROUPS q_u;
- SAMR_R_QUERY_USERGROUPS r_u;
- prs_struct *data = &p->in_data.data;
- prs_struct *rdata = &p->out_data.rdata;
-
- ZERO_STRUCT(q_u);
- ZERO_STRUCT(r_u);
-
- if(!samr_io_q_query_usergroups("", &q_u, data, 0)) {
- DEBUG(0,("api_samr_query_usergroups: unable to unmarshall SAMR_Q_QUERY_USERGROUPS.\n"));
- return False;
- }
-
- r_u.status = _samr_query_usergroups(p, &q_u, &r_u);
-
- /* store the response in the SMB stream */
- if(!samr_io_r_query_usergroups("", &r_u, rdata, 0)) {
- DEBUG(0,("api_samr_query_usergroups: unable to marshall SAMR_R_QUERY_USERGROUPS.\n"));
- return False;
- }
-
- return True;
+ return proxy_samr_call(p, NDR_SAMR_GETGROUPSFORUSER);
}
/*******************************************************************
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 5081565a5a..36860f9182 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -2184,16 +2184,17 @@ NTSTATUS _samr_query_userinfo(pipes_struct *p, SAMR_Q_QUERY_USERINFO *q_u, SAMR_
}
/*******************************************************************
- samr_reply_query_usergroups
+ _samr_GetGroupsForUser
********************************************************************/
-NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, SAMR_R_QUERY_USERGROUPS *r_u)
+NTSTATUS _samr_GetGroupsForUser(pipes_struct *p,
+ struct samr_GetGroupsForUser *r)
{
struct samu *sam_pass=NULL;
DOM_SID sid;
DOM_SID *sids;
- DOM_GID dom_gid;
- DOM_GID *gids = NULL;
+ struct samr_RidWithAttribute dom_gid;
+ struct samr_RidWithAttribute *gids = NULL;
uint32 primary_group_rid;
size_t num_groups = 0;
gid_t *unix_gids;
@@ -2203,6 +2204,8 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S
NTSTATUS result;
bool success = False;
+ struct samr_RidWithAttributeArray *rids = NULL;
+
/*
* from the SID in the request:
* we should send back the list of DOMAIN GROUPS
@@ -2215,16 +2218,22 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S
* JFM, 12/2/2001
*/
- r_u->status = NT_STATUS_OK;
+ DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__));
- DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__));
+ rids = TALLOC_ZERO_P(p->mem_ctx, struct samr_RidWithAttributeArray);
+ if (!rids) {
+ return NT_STATUS_NO_MEMORY;
+ }
/* find the policy handle. open a policy on it. */
- if (!get_lsa_policy_samr_sid(p, &q_u->pol, &sid, &acc_granted, NULL))
+ if (!get_lsa_policy_samr_sid(p, r->in.user_handle, &sid, &acc_granted, NULL))
return NT_STATUS_INVALID_HANDLE;
- if (!NT_STATUS_IS_OK(r_u->status = access_check_samr_function(acc_granted, SA_RIGHT_USER_GET_GROUPS, "_samr_query_usergroups"))) {
- return r_u->status;
+ result = access_check_samr_function(acc_granted,
+ SA_RIGHT_USER_GET_GROUPS,
+ "_samr_GetGroupsForUser");
+ if (!NT_STATUS_IS_OK(result)) {
+ return result;
}
if (!sid_check_is_in_our_domain(&sid))
@@ -2274,36 +2283,38 @@ NTSTATUS _samr_query_usergroups(pipes_struct *p, SAMR_Q_QUERY_USERGROUPS *q_u, S
gids = NULL;
num_gids = 0;
- dom_gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
- SE_GROUP_ENABLED);
- dom_gid.g_rid = primary_group_rid;
- ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids);
+ dom_gid.attributes = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
+ SE_GROUP_ENABLED);
+ dom_gid.rid = primary_group_rid;
+ ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids);
for (i=0; i<num_groups; i++) {
if (!sid_peek_check_rid(get_global_sam_sid(),
- &(sids[i]), &dom_gid.g_rid)) {
+ &(sids[i]), &dom_gid.rid)) {
DEBUG(10, ("Found sid %s not in our domain\n",
sid_string_dbg(&sids[i])));
continue;
}
- if (dom_gid.g_rid == primary_group_rid) {
+ if (dom_gid.rid == primary_group_rid) {
/* We added the primary group directly from the
* sam_account. The other SIDs are unique from
* enum_group_memberships */
continue;
}
- ADD_TO_ARRAY(p->mem_ctx, DOM_GID, dom_gid, &gids, &num_gids);
+ ADD_TO_ARRAY(p->mem_ctx, struct samr_RidWithAttribute, dom_gid, &gids, &num_gids);
}
- /* construct the response. lkclXXXX: gids are not copied! */
- init_samr_r_query_usergroups(r_u, num_gids, gids, r_u->status);
+ rids->count = num_gids;
+ rids->rids = gids;
- DEBUG(5,("_samr_query_usergroups: %d\n", __LINE__));
+ *r->out.rids = rids;
- return r_u->status;
+ DEBUG(5,("_samr_GetGroupsForUser: %d\n", __LINE__));
+
+ return result;
}
/*******************************************************************
@@ -5268,16 +5279,6 @@ NTSTATUS _samr_ChangePasswordUser(pipes_struct *p,
/****************************************************************
****************************************************************/
-NTSTATUS _samr_GetGroupsForUser(pipes_struct *p,
- struct samr_GetGroupsForUser *r)
-{
- p->rng_fault_state = true;
- return NT_STATUS_NOT_IMPLEMENTED;
-}
-
-/****************************************************************
-****************************************************************/
-
NTSTATUS _samr_QueryDisplayInfo(pipes_struct *p,
struct samr_QueryDisplayInfo *r)
{